How does NAT port forwarding work?

If you install a router that handles the Internet connections of your local network, it uses the public IP address which
your Internet service provider assigned to you to communicate with other machines on the Internet. For reasons of simplicity
and scarcity of IPv4 addresses, your ISP only assigns one address to your router, independent of how many machines are operating
in your LAN. Each of your machines has a "local" IP address. Now the router has to employ a method to multiplex one "public"
IP address to multiple "private" IP addresses in your LAN. This is done by NAT port forwarding.

All connections on the Internet can be identified by four parameters:

Source IP address

Source port number

Destination IP address

Destination port number

When one of the computers in your LAN initiates a connection to a server on the public Internet, it selects a source port
number and establishes a connection to a certain destination IP address and port number. The source IP address for packets
on this connection is the local ("private") address. However, this IP address is only valid in the LAN behind the router,
but not on the Internet (hence the attribute "private").

So packets from the Internet can get back to your computer, the router maps your computer's local IP address and port number
to a public IP address and port number. Typically, the port number is kept, but the local IP address must be replaced by
the public IP address. The router modifies all packets sent to the remote server as long as the connection is alive. When
the router receives a packet from the remote server for a mapped port, it uses the same port mapping to send the packet to
the right computer on your LAN. For outgoing connections the router can establish this port mapping automatically.

For example:

Local ("private") IP address, e.g. 192.168.2.11

Local port, e.g. 4242

Remote IP address, e.g. 144.76.59.84

Remote port, e.g. 80 (for HTTP)

Public IP address, e.g. 85.161.92.143

Connections from 192.168.2.11:4242 to 144.76.59.84:80 are mapped to connections from 85.161.92.143:4242
to 144.76.59.84:80.

However, this automatic mapping is not possible for incoming connections. When someone from the Internet wants to establish
a connection to one of the computers in your LAN, all your router sees is your public IP address as destination IP address
and some port number, but it has no way to know to which local computer the packet should be forwarded. Therefore, you need
to configure this mapping manually.

Usually the destination port number of incoming connection requests determines the local destination. You can set up your
router accordingly, so that a certain destination port is always forwarded to a specific computer. If a new packet arrives
from the Internet, your router replaces the public IP address and port number with their local counterparts that you had
configured and then forwards the packet to the right local computer.

So from the standpoint of the public Internet all your local computers are just one machine with one public IP address and
several established connections.

Setup NAT port forwarding for your router

Get a free cFosSpeed and cFos Personal Net license!
(If your router isn't already listed here)
Help us to complete our
router guide
.
Write instructions of how to set up NAT port forwarding with your router.

Vodafone

Wolflink

Xiaomi

Zhone

ZTE

Zyxel

Other

If you would like to earn a license key for cFosSpeed and cFos Personal Net by sending us instructions for this router,
you can contact us by clicking on the button below.
(If your router isn't already listed here)

Důležité
The instructions should contain some screenshots and a step-by-step guide, which can be followed easily (
see example
).
The numbers to
mark the specific steps
in your screenshots can be downloaded
here
. Please
don't use other means
(e.g. arrows or circles) to mark the steps
The screenshots should not be scaled down and saved as 24-bit PNG or high quality JPG.
Please don't put your screenshots into any kind of container file (e.g. DOC, PDF or HTML mail), but send them as
single files or in one ZIP archive. To describe the specific steps you can use a plain text file or the body of your mail.

Got it
We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share
information about your use of our site with our social media, advertising and analytics partners.
See details